[gnutls-help] Forcing IPv4 with gnutls-cli?
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Jul 22 13:17:23 CEST 2014
On Fri, Jul 11, 2014 at 8:09 AM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net> wrote:
> based on lib/verify-tofu.c and lib/system.c, it looks like the file will
> always be named "known_hosts" and it will be within $HOME/.gnutls/ on
> unix-derived systems. I suppose you could modify $HOME but that doesn't
> sound very satisfying.
gnutls_verify_stored_pubkey, allows specifying an alternative filename
(through db_name), or even a database using the tdb argument.
gnutls-cli doesn't allow setting that option but a small patch could
allow setting that file.
> Nikos, i note that the functions around this all use snprintf and are
> generally limited to PATH_MAX, without verifying that snprintf returns a
> sensible value. I worry that for very large values of $HOME, this might
> produce some weird behavior, but i haven't been able to coax it into
> anything concrete yet. Maybe it's worth having a look and thinking
> through what the consequences would be for a very long $HOME?
I think that the limitation can be lifted by using asprintf() or
similar. If there is a patch that lifts that limitation in a portable
way I'll apply it.
regards,
Nikos
More information about the Gnutls-help
mailing list